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121 Virtu al e n terprise access con tr ol r eq u i rements j 
M. Coetzee, Jan H. P. Eloff 

September 2003 Proceedings of the 2003 annual research conference of the South 

African institute of computer scientists and information technologists 
on Enablement through technology SAICSIT '03 

Publisher: South African Institute for Computer Scientists and Information Technologists 



Full text available:^) pdff 126.63 KB) 



Additional Information: full citation , abstract , references , citing s, index 



Current developments in IT point towards the formation of loosely coupled enterprises, 
often referred to as virtual enterprises. These enterprises require both secure and flexible 
collaboration between unrelated information systems. Web services technology can be 
used as an ideal platform for realising virtual enterprises throughh their ease of 
integration, flexibility, and support of XML vocabularies. To ensure the successful 
implementation of Web services within virtual enterprises, new approa ... 

Keywords: B2B, SOAP, XML, access control, design, federation, management, roles, 
security, standardization, trust, virtual enterprises, web services 



122 Lang uage-based security: Dynamic label bindin g at run-time B 
^ Yolanta Beres, Chris I. Dalton 

^ August 2003 Proceedings of the 2003 workshop on New security paradigms NSPW '03 
Publisher: ACM Press 

Full text available: ^] pdf(727.41 KB ) Additional Information: full citation , abstract , ref erenc es 

Information flow control allows enforcement of end-to-end confidentiality policies but has 
been difficult to put in practice. This paper introduces a pragmatic new approach for 
tracking information flow while the process is running at the same time applying dynamic 
label binding. The underlying implementation mechanism uses machine code instruction 
stream modification to track individual data movements and manipulations within the 
address space of an application. This gives the ability to precis ... 

Keywords: data labeling, information flow control, labels 



123 Policy manag em ent using access control s paces B 
Trent Jaeger, Xiaolan Zhang, Antony Edwards 
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. August 2003 ACM Transactions on Information and System Security (TISSEC), volume 6 
Issue 3 
Publisher: ACM Press 

, ul « Jf , ocn cn „ D , Additional Information: full citation , abstract , references , citings, index 
Full text available: fl | pdf(360.69 KB) terms , rev iew 

We present the concept of an access control space and investigate how it may be useful in 
managing access control policies. An access control space represents the permission 
assignment state of a subject or role. For example, the set of permissions explicitly 
assigned to a role defines its specified subspace, and the set of constraints precluding 
assignment to that role defines its prohibited subspace. In analyzing these subspaces, we 
identify two problems: (1) often a signi ... 

Keywords: Access control models, authorization mechanisms, role-based access control 

124 Towards a resource for lexical semantics: a lar g e Germ an corpus w it h extensive j 
semantic annotation 

Katrin Erk, Andrea Kowalski, Sebastian Pado, Manfred Pinkal 

July 2003 Proceedings of the 41st Annual Meeting on Association for Computational 
Linguistics - Volume 1 ACL '03 

Publisher: Association for Computational Linguistics 

Full text available: ^ pdfCl 27.42 KB) Additional Information: full citation , abstract , references 

We describe the ongoing construction of a large, semantically annotated corpus resource 
as reliable basis for the large-scale acquisition of word-semantic information, e.g. the 
construction of domain-independent lexica. The backbone of the annotation are semantic 
roles in the frame semantics paradigm. We report experiences and evaluate the annotated 
data from the first project stage. On this basis, we discuss the problems of vagueness and 
ambiguity in semantic annotation. 

125 Logical and physical design issues for smart card^databases j 
xftv Cristiana Bolchini, Fabio Saiice, Fabio A. Schreiber, Letizia Tanca 

>P July 2003 ACM Transactions on Information Systems (TOIS), volume 21 issue 3 
Publisher: ACM Press 

, JI1H „ K , m Additional Information: fyJicitati.o_n, abstract, refeiMices, cjtmgs, ing^x 

Full text available:^ pdf(1, 12 MB) {erms 

The design of very small databases for smart cards and for portable embedded systems is 
deeply constrained by the peculiar features of the physical medium. We propose a joint 
approach to the logical and physical database design phases and evaluate several data 
structures with respect to the performance, power consumption, and endurance 
parameters of read/program operations on the Flash-EEPROM storage medium. 

Keywords: Design methodology, access methods, data structures, flash memory, 
personal information systems, smart card 



126 A portable Virtual Machine tar g et for Proof-Carry ing Code B 
^ Michael Franz, Deepak Chandra, Andreas Gal, Vivek Haldar, Fermm Reig, Ning Wang 
^ June 2003 Proceedings of the 2003 workshop on Interpreters, virtual machines and 
emulators IVME '03 
Publisher: ACM Press 

Full text available: *g] pdf (285.85 KB ) Additional Information: full citation , abstract, references 

Virtual Machines (VMs) and Proof-Carrying Code (PCC) are two techniques that have been 
used independently to provide safety for (mobile) code. Existing virtual machines, such as 
the Java VM, have several drawbacks: First, the effort required for safety verification is 
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considerable. Second and more subtly, the need to provide such verification by the code 
consumer inhibits the amount of optimization that can be performed by the code 
producer. This in turn makes just-in-time compilation surprising ... 

127 Constraints: On context in authorization policy 
^ Patrick McDaniel 

N/ June 2003 Proceedings of the eighth ACM symposium on Access control models and 
technologies SACMAT '03 

Publisher: ACM Press 

Full text available:g D df ( 316.39KB> Additional "Nation: j^f^' citings, mdex 

Authorization policy infrastructures are evolving with the complex environments that they 
support. However, the requirements and technologies supporting context are not yet well 
understood. Often implemented as condition functions or predefined attributes, context is 
used to more precisely control when and how policy is enforced. This paper considers 
context requirements and services in authorization policy. The properties and security 
requirements of context evaluation are classified. A key obs ... 

Keywords: authorization, context, distributed systems, policy, policy-oriented 
programming, security requirements 



128 Open hy permedia and the web: Xspect: brid ging open hy permedia and XLink 

Bent G. Christensen, Frank Allan Hansen, Niels Olof Bouvin 
>^ May 2003 Proceedings of the 12th international conference on World Wide Web 
WWW '03 

Publisher: ACM Press 

^ „. , .. e Additional Information: fuHjcitatioo, abstract, refej^nces, ciMgs, Lodex 

Full text available: ^I[ pdf(288.32 KB ) terms 

This paper evaluates the XLink format in comparison with other linking formats. The 
comparison is based on Xspect, an implementation of XLink. Xspect handles 
transformation between an open hypermedia format (OHIF) and XLink, and the paper 
discusses this isomorphic transformation and generalises it to include another open 
hypermedia format, FOHM. The Xspect system, based on XSLT and Javascript, provides 
users with an interface to browse and merge linkbases. Xspect supports navigational 
hypermedia ... 

Keywords: FOHM, OHIF, SVG, XLink, XPointer, Xspect, annotations, open hypermedia 



129 Better public policy through natural lan guage info rmation access 
Boris Katz, Roger Hurwitz, Jimmy J. Lin, Ozlem Uzuner 

May 2003 Proceedings of the 2003 annual national conference on Digital 

government research dg.o '03 
Publisher: Digital Government Research Center 

Full text available: ^pdf(73.23 KB) Additional Information: full citation, abstract, references 

Federal agencies implement laws passed by the Congress by creating rules and 
regulations that can be applied in practice. During this process, staffs at the various 
agencies may review past and current regulations and receive comments from 
stakeholders and the public regarding the proposed regulations. Putting rulemaking online 
can increase the public's awareness of the proposed rules and its participation in the 
process. It can also facilitate staff work. A key factor in realizing these benefits ... 
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Chandrasekhar Boyapati, Alexandra Salcianu, William Beebee, Martin Rinard 
* May 2003 ACM SIGPLAN Notices , Proceedings of the ACM SIGPLAN 2003 conference 
on Programming language design and implementation PLDI '03, volume 38 

Issue 5 

Publisher: ACM Press 

u, 0, -o Additional Information: full citation , abstra ct, r eferences , cjtings, index 

Full text available: ^pdf( 375.18 KB) (erms 

The Real Time Specification for Java (RTSJ) allows a program to create real-time threads 
with hard real-time constraints. Real-time threads use region-based memory 
management to avoid unbounded pauses caused by interference from the garbage 
collector. The RTSJ uses runtime checks to ensure that deleting a region does not create 
dangling references and that real-time threads do not access references to objects 
allocated in the garbage-collected heap. This paper presents a static type system that ... 

Keywords: encapsulation, ownership types, real-time, regions 



13" 1 Web cache prefetchi ng as an as pe ct: towa rds a dynamic-wea^g^MgdsoJutjon | 
^ Marc : Segura-Devillechaise, Jean-Marc Menaud, Gilles Muller, Julia L. Lawall 
V March 2003 Proceedings of the 2nd international conference on Aspect-oriented 
software development AOSD '03 

Publisher: ACM Press 

.. u. *s» _,„.,™.„d* Additional Information: full citation, abstract, references, citings, index 
Full text available: ^ pd.f(1 .08 MB) terms 

Given the high proportion of HTTP traffic in the Internet, Web caches are crucial to reduce 
user access time, network latency, and bandwidth consumption. Prefetching in a Web 
cache can further enhance these benefits. For the best performance, however, the 
prefetching policy must match user and Web application characteristics. Thus, new 
prefetching policies must be loaded dynamically as needs change. Most Web caches are 
large C programs, and thus adding one or more prefetching policies to an exist ... 

Keywords: Web caches, adaptable software, aspect-oriented programming, code 
instrumentation, pointcut language 



132 Flexible reference trace reduction for VM simulations I 
A Scott F. Kaplan, Yannis Smaragdakis, Paul R. Wilson 

^ January 2003 ACM Transactions on Modeling and Computer Simulation (TOMACS), 

Volume 13 Issue 1 
Publisher: ACM Press 

.. u, ,r/ 1 j r o, Additional Information: full citation , abstract , references, cjtings, index 

Full text available: ^j^(41JL.8JJ<B) terms 

The unmanageably large size of reference traces has spurred the development of 
sophisticated trace reduction techniques. In this article we present two new algorithms for 
trace reduction: Safely Allowed Drop (SAD) and Optimal LRU Reduction (OLR). Both 
achieve high reduction factors and guarantee exact simulations for common replacement 
policies and for memories larger than a user-defined threshold. In particular, simulation 
on OLR-reduced traces is accurate for the LRU repla ... 

Keywords: cache hierarchies, locality, reference traces, trace compression, trace 
reduction 
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>k Xiaohu Qie, Ruoming Pang, Larry Peterson 

<^ December 2002 ACM SIGOPS Operating Systems Review, volume 36 issue si 
Publisher: ACM Press 

Full text available: ^pdf(2.13MB) Additional Information: MASfifl, abstract, references, cited by, index 

This paper describes a toolkit to help improve the robustness of code against DoS attacks. 
We observe that when developing software, programmers primarily focus on functionality. 
Protecting code from attacks is often considered the responsibility of the OS, firewalls and 
intrusion detection systems. As a result, many DoS vulnerabilities are not discovered until 
the system is attacked and the damage is done. Instead of reacting to attacks after the 
fact, this paper argues that a better solution i ... 

134 The code of many colors: relatin g threads to code and shared state 
Dean F. Sutherland, Aaron Greenhouse, William L. Scherlis 

November 2002 ACM SIGSOFT Software Engineering Notes , Proceedings of the 2002 
ACM SIGPLAN-SIGSOFT workshop on Program analysis for software 
tools and engineering PASTE '02, volume 28 issue l 

Publisher: ACM Press 

r- „. .... 0 WD . Additional Information: full citation, abstract, rejferences, dMgs, index 

Full text available:TO pdf( 1 65.67 K B) ~ ~ ~ 

^ t erms 

We introduce a thread colors model as a way to express design intent concerning the 
relationships between threads, executable code, and shared state. By expressing the 
model as annotations in code, it is possible to formally link the model with source code 
and to analyze the consistency of model and code in a composable manner. By using 
annotations as cut-points, APIs can be annotated and compliance with library threading 
policies can be evaluated. This is illustrated using case study examples f ... 

Keywords: Java, design intent, multi-threaded programming, race conditions 



135 Understandin g BGP misconfi quration I 
/£y Ratul Mahajan, David Wetherall, Tom Anderson 

>P August 2002 ACM SIGCOMM Computer Communication Review , Proceedings of the 
2002 conference on Applications, technologies, architectures, and 
protocols for computer communications SIGCOMM '02, volume 32 issue 4 
Publisher: ACM Press 

„ . .. .. Additional Information: full citation , abstract, references , citings, index 

Full text available: ^ pdf(312.33 KB ) 

It is well-known that simple, accidental BGP configuration errors can disrupt Internet 
connectivity. Yet little is known about the frequency of misconfiguration or its causes, 
except for the few spectacular incidents of widespread outages. In this paper, we present 
the first quantitative study of BGP misconfiguration. Over a three week period, we 
analyzed routing table advertisements from 23 vantage points across the Internet 
backbone to detect incidents of misconfiguration. For each incident we ... 

136 S ecure prog ram partit io ning | 
^ Steve Zdancewic, Lantian Zheng, Nathaniel Nystrom, Andrew C. Myers 

>/ August 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue 3 
Publisher: ACM Press 

Full text available:^ Bdf(49L12KB) Additional lnformation: ^citation, abstract, references, citings, index 
l£=l " terms 
This paper presents secure program partitioning, a language-based technique for 
protecting confidential data during computation in distributed systems containing mutually 
untrusted hosts. Confidentiality and integrity policies can be expressed by annotating 
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programs with security types that constrain information flow; these programs can then be 
partitioned automatically to run securely on heterogeneously trusted hosts. The resulting 
communicating subprograms collectively implement the original p ... 

Keywords: Confidentiality, declassification, distributed systems, downgrading, integrity, 
mutual distrust, secrecy, security policies, type systems 



137 S ess i on 11 A: coordination and cooperation II: Mu l ti-a gent policies: from centralized 

one s to decen tralized ones 
^ Ping Xuan, Victor Lesser 

July 2002 Proceedings of the first international joint conference on Autonomous 
agents and multiagent systems: part 3 AAMAS '02 

Publisher: ACM Press 

Full text available: ^(17670 KB). Additional ""formation: Miration, abstract, references, citings, index 

In this paper we divide multi-agent policies into two categories: centralized ones and 
decentralized ones. They reflect different views of multi-agent systems and different 
decision-theoretic underpinnings. While the centralized policies specify the decision of the 
agents according to the global system state, the decentralized policies, which correspond 
to the decisions of situated agents, must assume only a partial knowledge of the system 
in each agent and must deal with communication explicitl ... 

Keywords: action selection and planning, agent comm languages and protocols, 
cooperation, coordinating multi agents & activities, methodologies and tools 



138 Access Control Policies and Specifications: Mana g ing access control policies usin g | 
<^ access control spaces 

^ Trent Jaeger, Antony Edwards, Xiaolan Zhang 

June 2002 Proceedings of the seventh ACM symposium on Access control models and 

technologies SACMAT '02 
Publisher: ACM Press 

r- „. . >. u, f, ^o^i ™ Additional Information: full citation , abstract, references , citings, index 
Full text available: ^ pdf (1 28.94 KB ) \ e rms 

We present the concept of an access control space and investigate how it may be useful in 
managing access control policies. An access control space represents the permission 
assignment state of a subject. We identify subspaces that have meaningful semantics. For 
example, the set permissions explicitly assigned to a subject defines its specified 
subspace, and constraints define the prohibited subspace. In analyzing these subspaces, 
we identify two problems: (1) often a significant portion ... 

139 Access Control Policies and Specifications: An access control lan guag e for web [ 
<g> services 

^ Emin Gun Sirer, Ke Wang 

June 2002 Proceedings of the seventh ACM symposium on Access control models and 
technologies SACMAT '02 

Publisher: ACM Press 

,,i •• u . 0) Jt /oco ^ Additional Information: full citation , abstract , references , citings, index 

Full text available: T^l. pdf(253. 08 KB ) terms 

This paper presents an approach for formally specifying and enforcing security policies on 
web service implementations. Networked services in general, and web services in 
particular, require extensive amounts of code to ensure that clients respect site-integrity 
constraints. We provide a language by which these constraints can be expressed and 
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enforced automatically, portably and efficiently. Security policies in our system are 
specified in a language based on temporal logic, and are processed b ... 

Keywords: access control, web services 



140 Te chnical pa pers: concurrency: Assurin g a nd evolvin g concurrent programs: | 

annotations and polic y 
^ Aaron Greenhouse, William L. Scherlis 

May 2002 Proceedings of the 24th International Conference on Software 
Engineering ICSE '02 

Publisher: ACM Press 

r- .. . ^ >■ ■ | fi ,„ Additional Information: full citation , abstract, r eferences , citings, index 

Full text available:^ pdfd. 38 MB) 

Assuring and evolving concurrent programs requires understanding the concurrency- 
related design decisions used in their implementation. In Java-style shared-memory 
programs, these decisions include which state is shared, how access to it is regulated, the 
roles of threads, and the policy that distinguishes desired concurrency from race 
conditions. These decisions rarely have purely local manifestations in code. In this paper, 
we use case studies from production Java code to explore the costs and ... 
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